SpringBoot简单整合Gateway⽹关
引⼊依赖
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
我和nacos整合了引⼊了下⾯的依赖
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
<version>2.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
<version>2.1.4.RELEASE</version>
</dependency>
如果⽹关有时候请求超时或者卡顿,可以在主启动类中加⼊
public static void main(String[] args) {
System.setProperty(ReactorNetty.NATIVE,"false");
System.setProperty(ReactorNetty.IO_WORKER_COUNT, "6");
System.setProperty(ReactorNetty.IO_SELECT_COUNT, "6");
SpringApplication.run(GatewayApplication.class, args);
}
统⼀鉴权过滤器
AuthFilter.java
import com.alibaba.fastjson.JSON;
import com.kotei.gatewayweb.apiResult.ApiResult;
import com.fig.properties.IgnoreWhiteProperties;
import com.dis.RedisUtils;
import com.kotei.gatewayweb.utils.JWTUtils;
import org.apachemons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import Ordered;
import io.buffer.DataBufferFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.active.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.CollectionUtils;
import org.springframework.web.server.ServerWebExchange;
publisher.Mono;
import java.util.List;
/**
* ⽹关鉴权
*
* @author .
*/
@Component
public class AuthFilter implements GlobalFilter, Ordered {
private static final Logger log = Logger(AuthFilter.class);
@Autowired
private RedisUtils redisUtils;
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
String url = Request().getURI().getPath();// 跳过不需要验证的路径配置⽂件⾥⾃⼰添加 list集合格式即可,这⾥是伪代码所以没有这个类if (matches(url, Whites())) {
log.info(">>>>>>>>跳过该请求验证:{}",url);
return chain.filter(exchange);
}
//这是请求接⼝中header的token参数值
String token = Request().getHeaders().getFirst("token");
if (token == null || !ists(token)) {
return setUnauthorizedResponse(exchange, "token信息不存在");
}
//验证token是否正确根据⾃⼰的来
boolean validateJWT = JWTUtils.validateJWT(token);
if (!validateJWT) {
return setUnauthorizedResponse(exchange, "令牌验证失败");
}
log.info(">>>>>>>>>>>认证执⾏完成 {}",url);
return chain.filter(exchange);
}
/
**
* 查指定字符串是否匹配指定字符串列表中的任意⼀个字符串
*
微服务网关设计* @param str 指定字符串
* @param strs 需要检查的字符串数组
* @return是否匹配
*/
public static boolean matches(String str, List<String> strs) {
if (StringUtils.isEmpty(str) || CollectionUtils.isEmpty(strs)) {
return false;
}
for (String pattern : strs) {
if (isMatch(pattern,str)) {
return true;
}
}
return false;
}
/**
* 判断url是否与规则配置:
* ? 表⽰单个字符;
* * 表⽰⼀层路径内的任意字符串,不可跨层级;
* ** 表⽰任意层路径;
*
* @param pattern 匹配规则
* @param url 需要匹配的url
* @return
*/
public static boolean isMatch(String pattern, String url) {
AntPathMatcher matcher = new AntPathMatcher();
return matcher.match(pattern, url);
}
//返回错误信息
private Mono<Void> setUnauthorizedResponse(ServerWebExchange exchange, String msg) {
ServerHttpResponse response = Response();
response.setStatusCode(HttpStatus.OK);
<("[鉴权异常处理]请求路径:{}", Request().getPath());
return response.writeWith(Mono.fromSupplier(() -> {
DataBufferFactory bufferFactory = response.bufferFactory();
return bufferFactory.JSONBytes(new ApiResult<>().failure(msg)));
}));
}
@Override
public int getOrder() {
return -200;
}
}
配置⽰例(以下是整合nacos的写法,主要是routes部分)spring:
cloud:
gateway:
discovery:
locator:
enabled: true #让gateway可以发现nacos中的其他微服务, 进⾏路由转发 routes:
- id: api
uri: lb://api-service
predicates:
- Path=/api/**
id:唯⼀标识,必须唯⼀
url:转发的服务 lb 是因为使⽤了注册中⼼
predicates 断⾔,表⽰符合规则就进⾏转发
请求路径截取
spring:
cloud:
gateway:
routes:
-
id: nameRoot
uri: nameservice
predicates:
- Path=/name/api/**
filters:
- StripPrefix=1
这⾥的“1”表⽰截去的前⾯的 /name
如果是“2”就表⽰截去前⾯的 “/name/api”
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论